🛡️ CVE-2026-9435: Critical OS command injection in Totolink A8000RU (fw 7.1cu.643_b20200521) allows unauthenticated remote code execution. No patch yet — restrict web UI & monitor advisories. Exploit is public! https://radar.offseq.com/threat/cve-2026-9435-os-command-injection-in-totolink-a80-a8a549f3 #OffSeq #CVE20269435 #IoTSecurity